Class: Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessList

Inherits:
Array
  • Object
show all
Defined in:
lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb

Overview

Simple wrapper class for storing processes

Instance Method Summary collapse

Instance Method Details

#to_table(opts = {}) ⇒ Object

Create a Rex::Ui::Text::Table out of the processes stored in this list

opts is passed on to Rex::Ui::Text::Table.new, mostly unmolested

Note that this output is affected by Rex::Post::Meterpreter::Client#unicode_filter_encode



386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
 
# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb', line 386

def to_table(opts={})
  if empty?
    return Rex::Ui::Text::Table.new(opts)
  end

  cols = [ "PID", "PPID", "Name", "Arch", "Session", "User", "Path" ]
  # Arch and Session are specific to native Windows, PHP and Java can't do
  # ppid.  Cut columns from the list if they aren't there.  It is conceivable
  # that processes might have different columns, but for now assume that the
  # first one is representative.
  cols.delete_if { |c| !( first.has_key?(c.downcase) ) or first[c.downcase].nil? }

  opts = {
    'Header' => 'Process List',
    'Indent' => 1,
    'Columns' => cols
  }.merge(opts)

  tbl = Rex::Ui::Text::Table.new(opts)
  each { |process|
    tbl << cols.map { |c|
      col = c.downcase
      val = process[col]
      if col == 'session'
        val == 0xFFFFFFFF ? '' : val.to_s
      elsif col == 'arch'
        # for display and consistency with payload naming we switch the internal
        # 'x86_64' value to display 'x64'
        val == ARCH_X86_64 ? 'x64' : val
      else
        val
      end
    }.compact
  }

  tbl
end